RE: portscanner

Moral implications aside, you should be able to write this yourself, with a little guidance. I don't know if this is a school project, in which case you shouldn't be asking for help, or if this is a questionable use script, in which case do your own dirty work, but part of the gift of power is the responsibility.

Guidance:

Look in to socket programming. For port scanners, you will be probably be sending SYN packets for TCP service ports, and request-type packets to UDP ports. Socket programming will give you those abilities.
You will want speed, so look into perl algorithms to speed up your code. The wolf book is my favorite.
You will want effective code, so look into Effective Perl Programming co-written by our own Randal Schwartz.
If you want advanced features, pick up a networking book and learn on your own how to interract with different services running on each port.
Some good links:
- ftpcheck.pl
- COTSE
- Search Engine: learn to do your own research.

Don't expect everything handed to you. Looking for guidance is one thing. Looking for solutions is another. If this is supposed to be a learning experience, you should probably go talk to your professor.

J. J. Horner
Linux, Perl, Apache, Stronghold, Unix
jhorner@knoxlug.org http://www.knoxlug.org/

Comment on RE: portscanner

Replies are listed 'Best First'.
RE: RE: portscanner by Ozymandias (Hermit) on Jun 12, 2000 at 19:52 UTC
And I thought I had a hair trigger! JJ, there are plenty of legitimate reasons to build a portscanner into an application. As an admin, I have four different KINDS of portscanners - and I've never been anything but a white-hat. I use portscans to validate my network security; to check that all the required services on a remote system are working (this has advantages over process-checking); to check for active trojans and NetBus-style programs; and, in one rare case, as an authentication tool. (I spent some time trying to create an ultra-secure system; one technique I liked was to create simple "bounce-back" servers that sat on three odd ports on the client system. If the client requesting access to the system had those three ports open, but no others, and the valid key, it was permitted access.) Can a portscanner be used for cracking? Certainly. A crowbar can be used for a break-in, too. That doesn't mean I think everyone I see in the hardware store looking for a crowbar is a burglar. The rest of your answer was good, and as it happens, I agree that SoPW isn't a place for total solutions - but it is a place for someone to ask questions. Which this person did. He (or she) even thanked the person who answered their question, and just in case they aren't around at the moment, I'll thank you for that list of resources. It's very good, and should be a mini-FAQ we can point other newbies to. One more detail, just in case this particular portscanner is intended for ungood purposes; Don't. Portscanners have been around for a long time. If you use a portscanner that simple for illegitimate purposes against someone's network - say, mine - your source IP will be logged and I'll know it before the scan's complete. Which will make me take an interest in who you are, where you are, and which ISP you're soon to be formerly using. No threat, just a warning; there are stupid admins out there, no doubt about it, but these days even the stupid ones have better security than that. - Ozymandias	[reply]
RE: RE: RE: portscanner by jjhorner (Hermit) on Jun 12, 2000 at 19:57 UTC
I agree with you. As a system admin I make use of dual-use tools all the time. I was just warning that there are moral implications to making something that can be used as a tool and a weapon. Look at fission: Very good and very bad. Look at guns: Very good and very bad. Look at hemp: very good, very bad, and sometimes very illegal. I was just giving a gentle reminder that there are questionable uses for things, but I didn't mean to imply that the only use for such tools was bad. Thanks for pointing out my somewhat misleading response. J. J. Horner Linux, Perl, Apache, Stronghold, Unix jhorner@knoxlug.org http://www.knoxlug.org/	[reply]